{"id":798,"date":"2013-03-01T12:32:56","date_gmt":"2013-03-01T12:32:56","guid":{"rendered":"https:\/\/www.billingparadise.com\/blog\/?p=798"},"modified":"2022-06-03T10:17:03","modified_gmt":"2022-06-03T15:17:03","slug":"are-your-business-associates-hipaa-compliant-10-questions-you-need-to-ask","status":"publish","type":"post","link":"https:\/\/www.billingparadise.com\/blog\/are-your-business-associates-hipaa-compliant-10-questions-you-need-to-ask\/","title":{"rendered":"Are your business associates hipaa compliant? 10 questions you need to ask"},"content":{"rendered":"

HIPAA Omnibus and why it can affect your practice!<\/strong><\/p>\n

As the final HIPAA rules were released, it caused major ripples across the industry. It lays strict emphasis on the usage and acquirement of protected health information. But of course you have secure servers, and work with trusted people and organizations. But that is no guarantee against a data breach. The new HIPAA rule makes everybody who works with PHI, be accountable for it.<\/p>\n

The headline grabbers!<\/strong><\/p>\n

When the University of California at Los Angeles Health System (UCLA) had to pay a settlement of $865,000 for violating privacy laws it sent shock waves through the industry<\/span>. And more recently when CignaHealth had to pay an astronomical fine of 4.3 million dollars, it was a clear marker of how serious HIPAA violations can be.<\/p>\n

\u00a0The Alaska department of health and social services had to pay a fine of 1.7 million to the federal government. The DHSS had not trained its staff on security measures and had not implemented procedures to safeguard PHI.<\/p>\n

\u00a0And who can forget Huping Zhou who (in) famously became the first person to be jailed for hipaa violation. With HIPAA Omnibus coming into effect, practices should do everything in their capacity to stop their practices from becoming tabloid fodder.<\/p>\n

Talk to your business associates\u2026<\/strong><\/p>\n

\u00a0Physicians who partner with business associates should be doubly sure that the organization is in compliance with the revised hipaa rules<\/span>. There are rigid guidelines that business associates and sub-contractors must adhere to.<\/p>\n

\u00a0It is important for physicians to review and redraft their business associate agreements. And, to get the complete details of the vendors, freelancers and contractors who work with their business associates.<\/p>\n

Who accesses your EHR?<\/strong><\/p>\n

Do you work with a third party billing or document management firm<\/span>?<\/span> It is now more important than ever, you know who accesses your EHR<\/span>.<\/span> You are asking for trouble if your associates don\u2019t understand your ehr, which in turn can lead to major security lapses.<\/p>\n

EHRs can lead to a fine slapped on your practice!<\/strong><\/p>\n

\u00a0Not very long ago a small physician group had to pay 100,000 dollars as fine and had to undergo a one year corrective action plan.
\nAllegedly, sensitive details of patients were publicly accessible. The details were available on an internet calendar. It was reported that employees forwarded clinical details into their private inboxes.<\/p>\n

[slideshare id=16858375&doc=hippa-way-to-taste-the-success-130301062720-phpapp02]<\/p>\n

Check with you business associates\u2026<\/strong><\/p>\n

\u00a0With business associates becoming equally accountable it is important you perform a rain check on the security measures the organization follows.<\/p>\n

\u00a0\u2022 Check if there is a security officer always present<\/span>
\n \u2022 That they have the IT infrastructure to meet HIPAA compliance standards<\/span>
\n \u2022 And on whether staff are trained on security regulations<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

HIPAA Omnibus and why it can affect your practice! As the final HIPAA rules were released, it caused major ripples across the industry. It lays strict emphasis on the usage and acquirement of protected health information. But of course you have secure servers, and work with trusted people and organizations. But that is no guarantee […]<\/p>\n","protected":false},"author":2,"featured_media":809,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[743],"tags":[],"class_list":["post-798","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-practice-management"],"_links":{"self":[{"href":"https:\/\/www.billingparadise.com\/blog\/wp-json\/wp\/v2\/posts\/798","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.billingparadise.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.billingparadise.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.billingparadise.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.billingparadise.com\/blog\/wp-json\/wp\/v2\/comments?post=798"}],"version-history":[{"count":0,"href":"https:\/\/www.billingparadise.com\/blog\/wp-json\/wp\/v2\/posts\/798\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.billingparadise.com\/blog\/wp-json\/wp\/v2\/media\/809"}],"wp:attachment":[{"href":"https:\/\/www.billingparadise.com\/blog\/wp-json\/wp\/v2\/media?parent=798"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.billingparadise.com\/blog\/wp-json\/wp\/v2\/categories?post=798"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.billingparadise.com\/blog\/wp-json\/wp\/v2\/tags?post=798"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}